Why OpenText
Why OpenText
Overview Why OpenText
OpenText brings decades of expertise to help you unlock data, connect people and processes, and fuel AI with trust
Manage and connect data
Unify data seamlessly across your enterprise to eliminate silos, improve collaboration, and reduce risks
AI-ready information
Get AI-ready and transform your data into structured, accessible, optimized information
Built-in security and compliance
Meet regulatory and compliance requirements and protect your information throughout its lifecycle
Empowering people
Overview Empowering people
OpenText helps people manage content, automate work, use AI, and collaborate to boost productivity
Customers
See how thousands of companies around the world are succeeding with innovative solutions from OpenText™
Employees
Our people are our greatest asset; they are the life of the OpenText brand and values
Corporate Responsibility
Learn how we aspire to advance societal goals and accelerate positive change
Partners
Find a highly skilled OpenText partner with the right solution to enable digital transformation
How we compare
Content Management
Service Management
Deploy anywhere
Overview Deployment options
Explore scalable and flexible deployment options for global organizations of any size
Sovereign cloud
Local control. Global scale. Trusted AI
Private cloud
Your cloud, your control
On-premises
Free up resources, optimize performance and rapidly address issues
Public cloud
Run anywhere and scale globally in the public cloud of your choice
Aviator AI
Overview Aviator AI
See information in new ways
OpenText™ Aviator AI
AI that understands your business, your data, and your goals
OpenText™ MyAviator
Say hello to faster decisions. Your secure personal AI assistant is ready to get to work
OpenText™ Business Network Aviator
Gain better insights with generative AI for supply chains
OpenText™ Content Aviator
Power work with AI content management and an intelligent AI content assistant
OpenText™ Cybersecurity Aviator
Improve your security posture with AI cybersecurity and agile threat detection
OpenText™ DevOps Aviator
Enable faster app delivery, development, and automated software testing
OpenText™ Experience Aviator
Elevate customer communications and experiences for customer success
OpenText™ Service Management Aviator
Empower users, service agents, and IT staff to find the answers they need
Aviator AI
Overview Aviator AI
See information in new ways
OpenText™ Aviator AI
AI that understands your business, your data, and your goals
OpenText™ MyAviator
Say hello to faster decisions. Your secure personal AI assistant is ready to get to work
OpenText™ Business Network Aviator
Gain better insights with generative AI for supply chains
OpenText™ Content Aviator
Power work with AI content management and an intelligent AI content assistant
OpenText™ Cybersecurity Aviator
Improve your security posture with AI cybersecurity and agile threat detection
OpenText™ DevOps Aviator
Enable faster app delivery, development, and automated software testing
OpenText™ Experience Aviator
Elevate customer communications and experiences for customer success
OpenText™ Service Management Aviator
Empower users, service agents, and IT staff to find the answers they need
Analytics
Overview Analytics
Predict, act, and win with real-time analytics on a smarter data platform
OpenText™ Aviator Search(AI)
Give users access to the answers they need, faster and easier, with multi-repository AI-based search that lets you contextualize everything from clicks to conversations
Business Network
Overview Business Network
Connect once, reach anything with a secure B2B integration platform
Content
Overview Content
Reimagine knowledge with AI-ready content management solutions
OpenText™ Content Aviator(AI)
Supercharge intelligent workspaces with AI to modernize work
Cybersecurity
Overview Cybersecurity
Integrated cybersecurity solutions for enterprise protection
OpenText Cybersecurity for SMBs & MSPs
Purpose built data protection and security solutions
OpenText™ Cybersecurity Aviator(AI)
Reinvent threat hunting to improve security posture with the power of agile AI
DevOps
Overview DevOps
Ship better software—faster—with AI-driven DevOps automation, testing, and quality
Experience
Overview Experience
Reimagine conversations with unforgettable customer experiences
Observability and Service Management
Overview Observability and Service Management
Get the clarity needed to cut the cost and complexity of IT operations
OpenText™ Service Management Aviator(AI)
Redefine Tier 1 business support functions with self-service capabilities from private generative AI
APIs
Overview APIs
Build custom applications using proven OpenText Information Management technology
OpenText™ Aviator Thrust
Build it your way with OpenText Cloud APIs that create the real-time information flows that enable custom applications and workflows
Device and Data Protection
Overview Device and Data Protection
Protect what matters, recover when it counts
Unified Endpoint Management Tools
- OpenText™ Endpoint Management
- OpenText™ ZENworks Suite
- OpenText™ ZENworks Service Desk
- OpenText™ ZENworks Configuration Management
- OpenText™ ZENworks Endpoint Security Management
- OpenText™ ZENworks Full Disk Encryption
- OpenText™ ZENworks Endpoint Software Patch Management
- OpenText™ ZENworks Asset Management
Solutions
Information Reimagined
Overview Information Reimagined
Get greater visibility and sharper insights from AI-driven information management. Ready to see how?
Artificial Intelligence
Overview Aviator AI
Break free from silos, streamline processes, and improve customer experiences with secure information management for AI
Industry
Overview Industry solutions
Improve efficiency, security, and customer satisfaction with OpenText
Enterprise Application
Overview Solutions for Enterprise Applications
Run processes faster and with less risk
Maximize sustained growth, value, and innovation with intelligent enterprise solutions from OpenText and SAP
Connect content to business processes for better productivity and stronger governance
Optimize Salesforce effectiveness by bringing together transactional data and unstructured content
Services
Services
Overview Services
Achieve digital transformation with guidance from certified experts
Professional Services
Modernize your information management with certified experts
Customer Success Services
Unlock the full potential of your information management solution
Support Services
Turn support into your strategic advantage
Managed Services
Extend IT teams with certified OpenText application experts
Learning Services
Discover training options to help users of all skill levels effectively adopt and use OpenText products
Professional Services
Overview Professional Services
Modernize your information management with certified experts
Customer Success Services
Overview Customer Success Services
Unlock the full potential of your information management solution
Support Services
Overview Support Services
Turn support into your strategic advantage
Managed Services
Overview Managed Services
Extend IT teams with certified OpenText application experts
Learning Services
Overview Learning Services
Discover training options to help users of all skill levels effectively adopt and use OpenText products
Partners
Find a Partner
Overview Find a partner
Information is the heartbeat of every organization. We build information management software so you can build the future
Cloud Partners
Overview Cloud Partners
OpenText partners with leading cloud infrastructure providers to offer the flexibility to run OpenText solutions anywhere
Migrate, optimize and manage information management solutions on AWS
Optimize performance and reduce costs with applications deployed on a secure, globally scaled platform
Accelerate migration and modernization with deployment in a highly secure and compliant public cloud
Enterprise Application Partners
Overview Enterprise Application Partners
OpenText partners with top enterprise app providers to unlock unstructured content for better business insights
Maximize sustained growth, value, and innovation with intelligent enterprise solutions from OpenText and SAP
Connect content to business processes for better productivity and stronger governance
Optimize Salesforce effectiveness by bringing together transactional data and unstructured content
Partner Solutions
Overview Partner Solutions
Discover flexible and innovative offerings designed to add value to OpenText solutions
Resources for Partners
Overview Resources for Partners
Discover the resources available to support and grow Partner capabilities
Support
Overview Customer Support
Get expert product and service support to accelerate issue resolution and keep business flows running efficiently
Resources
Overview Resources
Explore detailed services and consulting presentations, briefs, documentation and other resources
This page is available for the following regions.
Europe, Middle East and Africa
Asia–Pacific
Rabobank
Rabobank outsmarts advanced persistent threats with ArcSight ESM. This international bank now uncovers cyber threats with enterprise security management
Products and services
Outcomes
- Strengthened network security management with more accurate event correlation and threat detection
- Improved security management team productivity and effectiveness
- Brought entire security posture to a higher level
Challenge
Build more sophisticated use cases to improve accuracy of identifying advanced persistent threats (APTs) for a more timely and targeted response.
Like all financial institutions today, Rabobank is barraged on a daily basis with cyber threats from every imaginable vector. Phishing schemes and malware are a constant nuisance, but the biggest challenge comes from advanced persistent threats—stealthy, continuous hacking attacks by very clever cyber criminals. APTs are often difficult to detect and may be active in a network for months until they are found. At that point, however, damage in the form of data loss or business disruption may already have been inflicted.
For years Rabobank relied on RSA enVision to analyze security alerts. To improve productivity and effectiveness of its security management team, Rabobank needed to build much more sophisticated use cases to provide contextual relevance around security alerts. However, enVision did not provide the necessary capabilities, and new developments from RSA were slow in coming to market.
Details
With the volume and sophistication of APTs on the rise, Rabobank needed to build more complex use cases in its security information & event management (SIEM) solution to improve the accuracy of event correlation and threat detection. By implementing ArcSight Enterprise Security Manager (ESM), Rabobank now correlates a million security logs per day from thousands of data feeds across the enterprise. Using ESM the bank created dozens of advanced use cases to quickly identify abnormal behavior or untrusted devices on its network with a high degree of accuracy. This allows Rabobank to uncover threats that would previously have gone undetected, strengthening security while improving productivity and effectiveness of its security management team.
Leveraging its unparalleled knowledge in the food and agriculture industry, Rabobank is on a mission to build wealth and prosperity in the Netherlands while resolving food issues worldwide. To fulfill that ambition, it must ensure the highest security for its information network.
“ESM reveals security events to us that we were never able to detect before. We’re very happy with ESM and confident we can find threats before they compromise our network or disrupt business. ArcSight provides critical insurance against the damage modern cyber-attacks can inflict on an organization.
Solution
To address its mounting security management needs, Rabobank considered alternatives to RSA, including ArcSight and IBM Qradar. After an intensive evaluation of both tools, the bank chose ArcSight ESM for its robust SIEM capabilities.
Mark Beerends, head of security operations center at Rabobank, explains, “What stood out most about ArcSight ESM was the ability to build very complex use cases. However, we also saw added advantages in being able to integrate ESM with our other Micro Focus (now OpenText) solutions like Micro Focus (now OpenText) Service Manager, which collects a huge amount of data on IT service activity.”
High availability security monitoring
Rabobank deployed three instances of ArcSight ESM, one instance in each of the bank’s two data centers in the Netherlands to ensure high availability and disaster recovery, as well as a third instance for test and development.
The SIEM is so vital to daily operations that Rabobank wanted to ensure that production security monitoring would never be down for more than an hour in the event of a site loss. The test and development instance enables Rabobank’s security management team to run new or updated use cases to understand any impacts of a change before putting the use case into production.
In production, ArcSight ESM collects approximately one million security logs per day from data streams generated by 3,000 HPE ProLiant servers running Microsoft Windows, another 1,000 HPE ProLiant servers running Linux, and more than a dozen HPE Integrity Non stop blade system NB54000c servers.
Rabobank also runs other ArcSight ESM software, Fortify on Demand, and HPE TippingPoint* for application security testing. Beerends notes, “If we discover something in ESM that presents a security threat, it’s easy to add a filter to TippingPoint to block that threat before it has a chance to cause problems on our network. The next step is integration of SIEM and IPS (intrusion prevention system) functions, but that will take time.”
Results
Supports complex use cases for more accurate threat detection
Since deploying ArcSight ESM, Rabobank has developed 30–40 complex use cases, greatly improving the accuracy of event correlation and security alerts. These use cases provide important context so the security management team knows whether an alert requires immediate action or not.
For example, a mistyped password is not necessarily a concern. But knowing that a login attempt is being made at an unusual time of day or from an overseas IP address indicates that a much more serious threat may be at play. Ultimately, this level of detail will reduce the number of false positives and strengthen security across Rabobank’s network.
“ESM provides more options to correlate events from many different feeds,” says Beerends. “Better correlation means higher accuracy in detecting threats. That helps our security analysts know where and when to act. The best thing is we’re logging all the data feeds we need, so we can quickly implement new use cases as needed.”
One example of a recently developed use case is identifying rogue devices on the Rabobank network. The bank runs an open network, which allows anyone in the organization to connect using a personal device. However, cyber criminals could take advantage of this openness to hack into the network. To prevent such activity, Rabobank uses ESM to correlate data from its DHCP servers, Microsoft Active Directory, and network environment to determine if a device is trusted or not.
Integration between ArcSight ESM and Service Manager has also proven key. This provides Rabobank with insight directly into IT service activity, so if a level one alert occurs on an application, the security management team can immediately determine the seriousness of the threat without manually transferring information into the SIEM.
“With the amount of integration and correlation we can now have, ESM brings our security posture to a higher level,” Beerends remarks.
In addition to managing security risk, Rabobank also uses ArcSight ESM compliance reporting to meet regulatory compliance requirements. For example, the bank must be able to prove that system administrators are following proper procedures. Every week ArcSight ESM reports on all administrator activity, allowing Rabobank to easily demonstrate compliance.
Valuable insurance against damaging cyber attacks
As a retail bank, Rabobank is a popular target for cyber criminals who are constantly presenting new and more difficult-to-detect attacks. Moreover, the number of attacks continues to rise steadily every year. But with ArcSight ESM, Rabobank now has a powerful enterprise security management solution to uncover even the most sophisticated APTs and other cyber threats to protect its network and valuable information assets.
Beerends concludes, “ESM reveals security events to us that we were never able to detect before. We’re happy with ESM and confident we can find threats before they compromise our network or disrupt business. ArcSight provides critical insurance against the damage modern cyber-attacks can inflict on an organization.”
About Rabobank
Rabobank is one of the largest cooperative banking organizations in the world. Founded in the 19th century by a group of farmers, Rabobank has grown from its agricultural roots in the Netherlands to become an international financial services provider, active in banking, asset management, leasing, insurance, and real estate.
